Updates 2023-05-09

Posted on May 9, 2023 by Shawn K. Hall

Welcome back, Folks!

Today is Patch Tuesday for May, 2023.

This month brings news that the current stable release of Windows 10 will be the last version released until it is end of life (EOL) in October 2025. This means it is mature and won’t have annoying operating system changes on a regular basis, unlike Windows 11. There were over 150 major hacks, and over 215 application updates this month. All in all it’s a big month, with about 3.5 GB of updates for most users.

This Month in Technology

Alto Calore Servizi, American Bar Association, Americold, Amnesty International Australia, an African telecommunications organization, Apache Superset, APC’s Easy UPS Online Monitoring Software, Apro.cl, automotive Controller Area Network, AvidXchange, Banco de Venezuela, Berkeley, Bitmarck Germany, Bitrue, Blue Shield of California, Bluefield University, Brightline, Caltech, Capita, Cementos Bio-Bio S.A, Cementos Progreso, CH Media, Cisco IOS routers, Cisco PCD, Cisco Phone Adapters, City of Dallas, Texas, Conagua, Constellation Software, 9 cryptocurrency exchange websites, Cummins Behavioral Health Systems, 13 internet domains used for DDoS-for-hire services, Delphi Drug & Alcohol Council, Diocese of Las Vegas, Elastic, Ethan Health, LLC, Eurasia Group, Fairfax County Public Schools, Fincantieri Marine Group, Fortra, FTX, Fullerton India, GDAC, Genova Burns LLC, Google Chrome, Graceworks Lutheran Services, Group Euromotors, Guam Memorial Hospital, a Haarlem (NL) company, Hardenhuish School, HealthPlan Services, Inc., Henry County Hospital, Hillsborough County Supervisor of Elections Office, Hundred Finance, Hyundai, Illumina’s Universal Copy Service, Intel Boot Guard, Intel CPUs, Intel TDX, Iowa Department of Health and Human Services, John Muir Health – Walnut Creek Medical Center, Kabarak University, Kodi Foundation, KuCoin, La Clinica de La Raza, Inc., Lake Dallas Independent School District, Latitude Financial, Level Finance, Lürssen, Mars Area School District, Medtronic, MEO, Merlin, MetaMask, Methodist Family Health, Microsoft SQL servers, MiniMed Distribution Corp., MIT, Modern Cardiology Associates, Montgomery General Hospital, Monument Inc. and Tempest, MSI OEM Signing Keys, Murfreesboro Medical Clinic & SurgiCenter, Naivas Kenya, National Smallbore Rifle Association, NationsBenefits Holdings, LLC, NCR Aloha POS, NextGen Healthcare, Northeastern University, OGUsers, One Brooklyn Health, OrangeTee & Tie, Orqa, Packagist, Papercut, Pathway Healthcare, LLC, Philippines State Agencies, Point32Health, PrestaShop, RaidForums, RentoMojo, Retina & Vitreous of Texas, PLLC, Rheinmetall, Robeson Health Care Corporation, Roskomnadzor, Ruckus Wireless, SafeMoon, Saville Row, Seguros la Occidental, St. Vincent’s Ambulatory Care, Inc., Stanford, SushiSwap, T-Mobile (again), Tasmanian Government, TBK DVR, Tencent QQ, Terravision, TP-Link Archer A21, Trust Wallet, Twitter, two critical infrastructure organizations in the energy sector, two organizations involved in financial trading, Two Rivers Public Health Department, Ukraine, Ukrainian state networks, UMass Amherst, Unique Imaging, Inc, UniSat Wallet, United HealthCare, United Steelworkers Local 286, University of California, San Francisco, University Urology, Unlimited Care, Inc., Upper Peninsula Health Plan, US Consumer Financial Protection Bureau, US military “legacy weapons systems“, Valid Certifcadora, Veeam backup servers, VMware vRealize Log Insight, VMware, Western Digital, WP Advanced Custom Fields, WP Eval PHP, Yearn Finance, Yellow Pages Group, Yucatan government, and Z-Library (again) have reportedly been hacked or compromised this month.

1Password, Bank of Scotland, Google Search, Halifax, Lloyds Bank, Microsoft 365 and Exchange, Reddit, TSB Bank, and Twitter (twice) have suffered from outages this month.

Last months updates broke Microsoft Defender.

Google is finally adding end-to-end encryption to their security authenticator. However, they’re now weakening the security of your Google account by allowing anyone with any of your device PINs or patterns to access your account. If you’ve ever loaned your cell phone or tablet to a five year old to get them to be quiet during a conversation with family, Amazon is giving you another reason to avoid that.

Advertisements (especially via Google and Facebook) remain the #1 method of infecting victims. As if on queue, there will now be more ads in the Microsoft Windows Start Menu. Pirated software is still a very common method to hack a network. Microsoft is adding the ability to opt out of presence detection within Windows 11.

Apple’s new “rapid security response” patching platform is failing. macOS Silicon isn’t safe from ransomware.

QR codes are much more dangerous than you can imagine. Know the risks of reselling your used hardware.

Still no punishment when government violates their own rules. The EU is planning to scan all private files on personal devices in violation of privacy rights. The goal of securely classifying and validating organizational ownership of online resources is a lofty one, but this transparency – as proposed via QWACs – would put privacy at increased risk.

Now for the good news:

Apple and Google are finally taking an interest in how their platforms are abused for stalking via Bluetooth.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is large this month. The typical computer should see roughly 3.5 GB in updates today. Let’s get started.

Windows 10 and Windows 11 versions 22H2 should now be installed. Sadly, the new “Moments” features on Windows 11 will insert advertisements in the Start menu and Control Panel. Just another sign of the continuing decline of Windows.

Microsoft released updates to address 49 vulnerabilities in Microsoft Bluetooth Driver, Microsoft Edge (Chromium-based), Microsoft Graphics Component, Microsoft Office, Microsoft Office Access, Microsoft Office Excel, Microsoft Office SharePoint, Microsoft Office Word, Microsoft Teams, Microsoft Windows Codecs Library, Reliable Multicast Transport Driver (RMCAST), Remote Desktop Client, SysInternals, Visual Studio Code, Windows Backup Engine, Windows Installer, Windows iSCSI Target Service, Windows Kernel, Windows LDAP – Lightweight Directory Access Protocol, Windows MSHTML Platform, Windows Network File System, Windows NFS Portmapper, Windows NTLM, Windows OLE, Windows RDP Client, Windows Remote Procedure Call Runtime, Windows Secure Boot, Windows Secure Socket Tunneling Protocol (SSTP), Windows SMB, Windows Win32K, and MSRT (~2 GB). This includes security updates. A reboot is required.

Apple released updates for AirPods and Beats. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

Fedora 38-1.6 is a security update. This major version adds improved hardware support, modern security benefits, and updates libraries and resources.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Ventura (13.x) means that macOS Catalina (10.15) and older are no longer supported. If you can not install at least macOS Big Sur (11) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v22H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 23.4.3 improves performance and compatibility. This is not a security update.
https://www.amd.com/en/support

Daemon Tools Lite 11.2.0 adds VeraCrypt support, improves ARM compatibility and resolves several bugs. This is not a security update.
https://www.daemon-tools.cc/products/dtLite

Display Driver Uninstaller 18.0.6.3 improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Drivers by Seagull 2023.2 adds another 300+ printer and device drivers, encrypted hardware and RFID support. This is a security update.
https://www.seagullscientific.com/support/downloads/drivers/

DS4Windows 3.2.10 resolves several bugs. This is not a security update.
https://github.com/Ryochan7/DS4Windows/releases/latest

Netgear Genie R6400 1.0.1.78 is a security update.
https://www.netgear.com/support/product/R6400.aspx#download

TP-Link Archer AX21 v1.20.230426 is a security update.
https://www.tp-link.com/us/support/download/archer-ax21/v1.20/#Firmware

Wacom Driver 6.4.2-1 resolves several bugs. This is not a security update.
https://www.wacom.com/en-us/support/product-support/drivers

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.51.110 is a security update.
https://brave.com/

Firefox 113.0 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Google Chrome 113.0.5672.92 is a security update.
https://www.google.com/chrome/

Google Chrome 109.0.5414.141 is a security update. The 109 version is now only supported on Windows Server 2012 and 2012r2.
https://www.google.com/chrome/

Microsoft Edge 112.0.1722.71 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Microsoft Edge 109.0.1518.78 is a security update. The 109 version is now only supported on Windows Server 2012 and 2012r2.
https://www.microsoft.com/en-us/edge/business/download

Microsoft Edge WebView2 113.0.1774.35 is a security update.
https://developer.microsoft.com/en-us/microsoft-edge/webview2/

Vivaldi 6.0.2979.18 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

OutlookAttachView 3.50 adds From and To scan filtering. This is not a security update.
https://www.nirsoft.net/utils/outlook_attachment.html

ProtonMail (Android) 3.0.14 improves stability and performance. This is not a security update.
https://proton.me/mail/download

Spark 3.4.2.48202 resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.4.2.48201 resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 102.10.1 improves compatibility and resolves several bugs. This is not a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 7.1.11 improves stability. This is not a security update.
https://anydesk.com/en/downloads

AnyDesk (macOS) 7.0.2 resolves several bugs and improves integration. This is not a security update.
https://anydesk.com/en/downloads

Dropbox 173.4.6706 resolves several bugs. This is not a security update.
https://www.dropbox.com/

Facebook Messenger 186.0.0.10.221 is a security update.
https://www.messenger.com/download

FileZilla Client 3.64.0 updates libraries. This should be treated as a security update.
https://filezilla-project.org/

Google Drive 74.0 is a security update.
https://drive.google.com/start

Microsoft Teams 1.6.00.11166 is a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 26.0.1 is a security update.
https://nextcloud.com/

Npcap 1.75 is a security update.
https://nmap.org/npcap/

Signal 6.16.0 resolves several bugs. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 6.19.8 doesn’t provide a changelog so should be treated as a security update.
https://signal.org/android/apk/

Skype 8.96.0.403 adds several new features and improves stability. This is not a security update.
https://www.skype.com/

Technitium DNS Server 11.1.1 is a security update.
https://technitium.com/dns/

Telegram 4.8.1 resolves several bugs. This is not a security update.
https://telegram.org/

Telegram (Android) 9.6.0 resolves several bugs. This is not a security update.
https://telegram.org/apps

WinSCP 5.21.8 is a security update.
https://winscp.net/eng/index.php

Zoom 5.14.7.15877 is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 3.0.7 is a security update.
https://en.3tene.com/

Plex Desktop 1.67.2.3705 is a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.38.2.3738 resolves several bugs. This is a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.32.1.6999 resolves several bugs. This is a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Winamp 5.9.1 is a security update.
https://www.winamp.com/

Game Updates

These are unlikely to be of interest to most people.

GameMaker Studio 2023.4.0.84 resolves dozens of bugs.
https://www.yoyogames.com/en/gamemaker

Lego Studio 2.23.4.1 resolves several bugs. This is not a security update.
https://www.lego.com/en-us/ldd

Nintendo Switch 16.0.3 improves stability. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PS5 23.01-07.20.00 improves stability and performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2023.04.26 resolves several bugs. This is not a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Reader DC 23.001.20143 is a security update.
https://get.adobe.com/reader

Adobe Substance 3D Painter 8.3.1 is a security update.
https://helpx.adobe.com/security/products/substance3d_painter/apsb23-29.html

Audacity 3.3.2 doesn’t provide a changelog so should be treated as a security update.
https://www.audacityteam.org/download/

Calibre 6.17.0 resolves several bugs and improves compression. This is not a security update.
https://calibre-ebook.com/

ImageMagick 7.1.1-8 resolves several bugs. This is not a security update.
https://imagemagick.org/

LibreOffice Fresh 7.5.3 resolves over a hundred bugs. This is a security update. The “Fresh” line is beta software. Please use the Still version which is stable software.
https://www.libreoffice.org/

Nextcloud Desktop 3.8.1 is a security update.
https://nextcloud.com/

PDF Candy Desktop 2.94 doesn’t provide a changelog so should be treated as a security update.
https://pdfcandy.com/

Security Software Updates

One or more of these is likely to be of interest to most people.

Cloudflare WARP 2023.04.27 doesn’t provide a changelog so should be treated as a security update.
https://1.1.1.1/

Cloudflare WARP (macOS) 2023.04.17 doesn’t provide a changelog so should be treated as a security update.
https://1.1.1.1/

HTTP Toolkit 1.12.6 doesn’t provide a changelog so should be treated as a security update.
https://httptoolkit.tech/

MalwareBytes Anti-Malware 4.5.27 resolves several bugs. This is not a security update.
https://www.malwarebytes.org/antimalware/

ProtonVPN 2.4.2 provide cosmetic improvements. This is not a security update.
https://protonvpn.com/download

ProtonVPN (macOS) 3.1.3 improves proof of effect cosmetics and compatibility. This is not a security update.
https://protonvpn.com/download

RogueKiller 15.9.0 resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

Stinger 12.2.0.603 adds detections. This is not a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

Tails 5.12 is a security update.
https://tails.boum.org/install/dvd/index.en.html

uBlock Origin 1.49.2 resolves several bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

YARA 3.1 fixes several bugs. This should be treated as a security update.
https://github.com/VirusTotal/yara/

Capture Updates

These are unlikely to be of interest to most people.

Camtasia 23.0.2 resolves several bugs. This is not a security update.
https://www.techsmith.com/video-editor.html

Open Broadcaster Software 29.1.0 resolves dozens of bugs. This should be treated as a security update.
https://obsproject.com/

ScreenToGif 2.38 improves high-DPI compatibility. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 12.1.0.5 adds support for new encodings. This is not a security update.
https://www.dvdfab.cn/download.htm

iMazing HEIC Converter 2.0.7 doesn’t have a changelog so should be treated as a security update.
https://imazing.com/heic

PDF Creator 5.1 adds ARM64 support, improves automation, and resolves several bugs. This is not a security update.
https://www.pdfforge.org/pdfcreator

StreamFab 6.1.2.1 resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 1.0.1.8 improves performance. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Education updates

One or more of these are likely to be of interest to most people.

Zotero 6.0.26 resolves several bugs. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password for Mac 8.10.6 resolves dozens of bugs and improves compatibility. This is a security update.
https://1password.com/downloads/mac/

1Password for Windows 8.10.6 resolves dozens of bugs and improves compatibility. This is not a security update.
https://1password.com/downloads/windows/

Agent Ransack 2022.3389 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

Bitwarden 2023.4.0 is a security update.
https://bitwarden.com/

CCleaner 6.11.10455 resolves several bugs and improves compatibility. This is not a security update.
https://www.ccleaner.com/

DesktopOK 10.81 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

DMDE 4.0.6.806 resolves several bugs. This is not a security update.
https://dmde.com/

dnGrep 3.2.306.0 updates libraries and implements several new features. This is not a security update.
https://dngrep.github.io/

Everything Toolbar 1.0.5 resolves several bugs. This is not a security update.
https://github.com/stnkl/EverythingToolbar/

Fido 1.45 removes Windows 7 ISO download option since it’s no longer available for download. This is not a security update.
https://github.com/pbatard/Fido/releases

FileLocator Pro 2022.3389 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

Fing 3.2 no longer provides a changelog so should be treated as a security update.
https://www.fing.com/products/fing-desktop-download-windows

Git SCM 2.40.1 is a security update.
https://git-scm.com/

Go 1.20.4 is a security update.
https://go.dev/

GoodSync 12.2.2 resolves several bugs and introduces a new encrypted file system option. This is not a security update.
https://www.goodsync.com/

grepWin Portable 2.0.13 resolves several bugs. This is not a security update.
https://github.com/stefankueng/grepWin/releases/latest

IsMyHdOK 3.88 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

Kingston SSD Manager 1.5.2.6 doesn’t provide a changelog so should be treated as a security update.
https://www.kingston.com/us/support/technical/ssdmanager

Memtest86+ 6.20 adds support for newer hardware and resolves a couple bugs. This is not a security update.
https://www.memtest.org/

NetworkInterfacesView 1.30 adds secondary sorting and sorting by menu. This is not a security update.
https://www.nirsoft.net/utils/network_interfaces.html

NetworkTrafficView 2.44 adds dark background option and sort by to the toolbar. This is not a security update.
https://www.nirsoft.net/utils/network_traffic_view.html

NTLite 2023.4.9228 resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

OSForensics 10.0.1010 resolves several bugs. This is not a security update.
https://www.osforensics.com/download.html

PowerToys 0.69.1 improves stability adn resolves several bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

PSAppDeploy 3.9.3 resolves several bugs. This is not a security update.
https://psappdeploytoolkit.com/

PsExec 2.43 fixes a regression with -c. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/psexec

RoboForm 9.4.7 is a security update.
https://www.roboform.com/

Rufus 4.0 resolves several bugs and improves stability. This version now requires Windows 8 and newer. This is not a security update.
https://rufus.ie/en_US/

ScreenConnect 23.3.13.8507 resolves several bugs and breaks application compatibility with older instances. This is not a security update.
https://www.connectwise.com/software/control/download

Synergy 1.14.7 adds ability to bind client to specific network and resolves several bugs. This is not a security update.
https://symless.com/synergy/

Sysmon 14.16 adds new ArchiveDirectory system integrity controls and improves compatibility. This is a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon

TCPView 4.19 fixes a bug with the 32-bit version. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/tcpview

TeamViewer 15.41.9 resolves several bugs. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

Unity 2022.2.18 resolves dozens of bugs. This is not a security update.
https://unity3d.com/get-unity/download/archive

WifiInfoView 2.80 adds full screen mode. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html

Developer Updates

These are unlikely to be of interest to most people.

Android Studio 2022.2.1.19 adds several new features. This is not a security update.
https://developer.android.com/studio

GitHub Desktop 3.2.3 resolves a dozen bugs. This is not a security update.
https://desktop.github.com/

Java 8u371 is a security update.
https://www.java.com/en/download/manual.jsp

MySQL ConnectorNet 8.0.33 is a security update.
https://dev.mysql.com/downloads/connector/net/

MySQL Server 8.0.33 is a security update.
https://dev.mysql.com/downloads/installer/

Node.js 18.16.0 adds single-file executable support, improved URL parsing, and resolves a dozen bugs. This is not a security update.
https://nodejs.org/en/

Node.js 19.9.0 improves URL parsing and resolves several bugs. This is not a security update.
https://nodejs.org/en/

Node.js 20.1.0 adds several new features and updates dependencies. This is not a security update.
https://nodejs.org/en/

Rustup 1.26.0 resolves a dozen bugs and adds several new features. This is not a security update.
https://www.rust-lang.org/

VC Runtime 14.34.31938.0 is a security update.
https://learn.microsoft.com/en-us/cpp/windows/latest-supported-vc-redist

Visual Studio Code 1.78.1 improves accessibility, color schemes, profile templates, and other features. This is a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 7.0.8 is a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Coppermine Gallery 1.6.25 resolves several bugs. This is not a security update.
https://coppermine-gallery.net/

Drupal 9.4.15 is a security update.
https://drupal.org/download

Joomla 4.3.1 resolves several bugs. This is not a security update.
https://www.joomla.org/

OpenCart 4.0.2.1 doesn’t provide a detailed changelog so should be treated as a security update.
https://www.opencart.com/

Antispam Bee 2.11.3 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/antispam-bee/

Autoptimize 3.1.7 is a security update.
https://wordpress.org/extend/plugins/autoptimize/

Contact Form 7 5.7.6 resolves a couple bugs. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Duplicator 1.5.4 doesn’t provide a changelog so should be treated as a security update.
https://wordpress.org/plugins/duplicator/#developers

Sucuri Security 1.8.39 resolves an API error. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

Widgets on Pages 1.7.0 is a security update.
https://wordpress.org/extend/plugins/widgets-on-pages/

WooCommerce 7.6.1 resolves dozens of bugs. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

WordPress Importer 0.8.1 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/wordpress-importer/

WP Cerber Security 9.5.4 improves compatibility. This is not a security update.
https://wpcerber.com/

WP Mail SMTP 3.8.0 resolves several bugs and improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/wp-mail-smtp/

W3 Total Cache 2.3.2 resolves several bugs. This should be treated as a security update.
https://wordpress.org/extend/plugins/w3-total-cache/

WPBakery 6.11.0 resolves several bugs. This is not a security update.
https://wpbakery.com/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2023-03-14

Posted on March 14, 2023 by Shawn K. Hall

Welcome back, Folks!

Today is Patch Tuesday for March, 2023.

This month brings a (mere) 104 major hacks and over 169 application updates. It’s the lightest month we’ve seen in a while with about 2 GB of updates for most users.

This Month in Technology

AASP, Acer, Activision, Albanian Government, Algodex, Aloha Nursing Rehab Centre, Andrade Gutierrez, AT&T, Atlassian, Bahrain International Airport, Booking.com, Boost Mobile, Burton Snowboards, California Northstate University, Cardiovascular Associates, CentraState, Cerebral Inc, Chick-fil-A, Codman Square Health Center, Coinbase, Community Health Systems, Convex, Danish Hospital websites, Dental Health Management Solutions, Denver Public Schools, Dish Network, Dole, Edgepark Medical Supplies, eMDs, Inc, Essendant, Euler Finance, Eye4Fraud, Fasecolda, the FBI, Flutterwave, Fonasa, Fortinet FortiOS, GDS Holdings, GoDaddy, GSC Game World, GunAuction.com, Hatch Bank, Hawai’i Department of Health, HDB Financial Services, HDFC Bank, Health Link, Henrico Doctors Hospital, Hope Finance, Hospital Clinic de Barcelona, Housing Authority of the City of Los Angeles, Hutchinson Clinic, Hyundai and Kia, iD Tech, Integrative Dentistry, Jump Crypto, LastPass, Lawrence General Hospital, LBB, Lehigh Valley Health Network, LimeVPN, Long Son Petrochemicals, Los Angeles Unified School District, Minneapolis Public Schools, News Corporation, Northeast Surgical Group, PC, Norwegian National Authority for Investigation and Prosecution of Economic and Environmental Crimes, Oakland, CA, PayPal, PetroVietnam, Pierce Transit, Platypus, POSCO Engineering & Construction, RealDudesInc, Reventics, LLC, Ring, Rosarito, San Juan Regional Medical Center, Scandinavian Airlines, Sentara Healthcare, Sharp Healthcare, Shopper+, Southeastern Louisiana University, SpaceX, ST Telemedia Global Data Centers, Stanford University, Technion, TELUS, Tender.fi, Tennessee State University, The Good Guys, Tusla, U.S. Marshals Service, Uranium Finance, Veeam, VGTRK, over 2,800 VMware hosts, Weee, West Cecil Health Center, WH Smith, White Bird Clinic, Wichita Urology Group, PA, Zoll Medical Corp, ZOLL Medical, and Zurcal have reportedly been hacked or compromised this month.

Twitter (twice), Russian state media, Microsoft Exchange Online, and Gmail IMAP have had major outages this month.

Two of the three largest bank failures in US history happened this week. Silicon Valley Bank was (briefly) shut down by regulators after mishandling billions of dollars.
Only days after Silvergate Capital Corp‘s collapse, and Signature Bank followed days later. Roku, for example, was set to lose over 99.9% of their deposits at SVB, almost 26% of their total cash. AcuityAds Holding, BlockFi, Rocket Lab, Roblox, and others were also at risk of major losses. Unfortunately, the federal government is going to bail them out, allowing bad business decisions to avoid any negative repercussions and giving way to cheap investments by larger banks to effectively stack the dominoes higher.

Last months updates broke IIS for Alliance.

Now for the good news:

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is small this month. The typical computer should see roughly 2 GB in updates today. Let’s get started.

Microsoft released updates to address 98 vulnerabilities in Azure, Client Server Run-time Subsystem (CSRSS), Internet Control Message Protocol (ICMP), Microsoft Bluetooth Driver, Microsoft Dynamics, Microsoft Edge (Chromium-based), Microsoft Graphics Component, Microsoft Office Excel, Microsoft Office Outlook, Microsoft Office SharePoint, Microsoft OneDrive, Microsoft PostScript Printer Driver, Microsoft Printer Drivers, Microsoft Windows Codecs Library, Office for Android, Remote Access Service Point-to-Point Tunneling Protocol, Role: DNS Server, Role: Windows Hyper-V, Service Fabric, Visual Studio, Windows Accounts Control, Windows Bluetooth Service, Windows Central Resource Manager, Windows Cryptographic Services, Windows Defender, Windows HTTP Protocol Stack, Windows HTTP.sys, Windows Internet Key Exchange (IKE) Protocol, Windows Kernel, Windows Partition Management Driver, Windows Point-to-Point Protocol over Ethernet (PPPoE), Windows Remote Procedure Call, Windows Remote Procedure Call Runtime, Windows Resilient File System (ReFS), Windows Secure Channel, Windows SmartScreen, Windows TPM, Windows Win32K and MSRT (~ 1 GB). This includes security updates. A reboot is required.

Apple released updates for GarageBand for macOS 10.4.8, tvOS 16.3.3, and macOS Big Sur 11.7.4. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

tvOS 16.3.3 is a security update. Use System, Software Update to install the most current version.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

The now-current release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 12 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is still very young so I encourage you to wait a few more months before you consider switching to it.

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 23.3.1 improves performance and reliability and resolves several bugs. This is not a security update.
https://www.amd.com/en/support

BullZip PDF Printer 14.2.0.2955 resolves the PrintToPrinter bug. This is not a security update.
https://www.bullzip.com/products/pdf/info.php#download

Crucial Storage Executive 9.01 doesn’t provide a changelog so should be treated as a security update.
https://www.crucial.com/support/storage-executive

Display Driver Uninstaller 18.0.6.1 introduces a new installer, improves Intel cleanup and improves user interface. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

DS4Windows 3.2.9 adds DualSense Edge support and resolves over a dozen bugs. This is not a security udpate.
https://github.com/Ryochan7/DS4Windows/releases/latest

Garmin Express 7.16.3 doesn’t provide a changelog so should be treated as a security update.
https://www.garmin.com/en-US/software/express/

Samsung DeX 2.4.1.11 doesn’t provide a changelog so should be treated as a security update.
https://www.samsung.com/us/apps/dex/

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.49.120 is a security update.
https://brave.com/

Firefox 111.0 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Google Chrome 111.0.5563.64 is a security update.
https://www.google.com/chrome/

Google Chrome 109.0.5414.129 is a security update. Chrome v109 is being maintained until October 2023 to support Windows Server 2012 and Windows Server 2012 R2.
https://www.google.com/chrome/

Microsoft Edge 110.0.1587.69 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Vivaldi 5.7.2921.63 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

ProtonMail (Android) 3.0.12 improves stability. This is not a security update.
https://proton.me/mail/download

Spark 3.3.4.44396 resolves several bugs and adds zoom and message dragging. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.3.4.44394 resolves several bugs and adds zoom and message dragging. This is not a security update.
https://sparkmailapp.com/

Thunderbird 102.8.0 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

curl 7.88.1 resolves dozens of bugs. This is not a security update.
https://curl.haxx.se/windows/

Dropbox 169.4.5684 resolves several bugs. This is not a security update.
https://www.dropbox.com/

Facebook Messenger 182.0.0.9.73 is a security update.
https://www.messenger.com/download

FileZilla Client 3.63.2.1 updates libraries and resolves several bugs. This is a security update.
https://filezilla-project.org/

FileZilla Server 1.6.7 updates libraries and resolves several bugs. This is a security update.
https://filezilla-project.org/

FreeFileSync 12.1 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Microsoft Teams 1.6.00.4472 improves caption and rich call support. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 25.0.4 updates libraries and resolves dozens of bugs. This is a security update.
https://nextcloud.com/

Omada Software Controller 5.9.9 resolves a couple bugs and adds several new features. This is not a security update.
https://www.tp-link.com/us/support/download/omada-software-controller/

Pocketnet-GUI 0.8.41 adds audio upload and resolves several bugs. This is not a security update.
https://pocketnet.app/

Prosody 0.12.3 resolves several bugs. This is not a security update.
https://prosody.im/download/start

Rclone 1.62.0 adds several new features and fixes dozens of bugs. This is not a security update.
https://rclone.org/

Signal 6.9.0 resolves several bugs. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 6.13.7 doesn’t provide a detailed changelog so should be treated as a security update.
https://signal.org/android/apk/

Skype 8.94.0.428 doesn’t provide a detailed changelog so should be treated as a security update.
https://www.skype.com/

Syncthing 1.23.2 updates libraries and resolves a relay bug. This is not a security update.
https://syncthing.net/

Technitium DNS Server 11.0.3 is a security update. This version is no longer compatible with operating systems older than Windows 10.
https://technitium.com/dns/

Telegram 4.6.5 resolves several bugs. This is not a security update.
https://telegram.org/

Zoom 5.13.11.13434 resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

Bitwig Studio 4.4.8 improves stability. This is not a security update.
https://www.bitwig.com/download/

darktable 4.2.1 resolves over a dozen bugs. This is not a security update.
https://www.darktable.org/

Kodi 20.1 resolves dozens of bugs. This is not a security update.
https://kodi.tv/

Plex Desktop 1.65.1.3596 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.35.1.3614 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.31.2.6810 resolves several bugs including crash bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

GameMaker Studio 2023.2.0.71 resolves dozeens of bugs. This is not a security update.
https://www.yoyogames.com/en/gamemaker

GDevelop 5.1.158 resolves dozens of bugs. This is not a security update.
https://gdevelop.io/download

Lego Studio 2.23.2.1 now displays the color of bricks in the tooltip. This is not a security update.
https://www.lego.com/en-us/ldd

Nintendo Switch 16.0.0 improves stability. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PlayStation PS3 4.90 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps3/system-software/

PlayStation PS4 10.50 provides several cosmetic updates. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps4/system-software/

PlayStation PS5 23.01-07.01.00 improves stability and adds several cosmetic and voice features. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Reader DC 23.001.20064 is a security update.
https://get.adobe.com/reader

Adobe Commerce 2.4.6, 2.4.5-p2, and 2.4.4-p3 are security updates.
https://helpx.adobe.com/security/products/magento/apsb23-17.html

Adobe Experience Manager 2023.1 and 6.5.16.0 are security updates.
https://helpx.adobe.com/security/products/experience-manager/apsb23-18.html

Adobe Illustrator 27.3.1 is a security update.
https://helpx.adobe.com/security/products/illustrator/apsb23-19.html

Adobe Dimension 3.4.8 is a security update.
https://helpx.adobe.com/security/products/dimension/apsb23-20.html

Adobe Creative Cloud 5.10 is a security update.
https://helpx.adobe.com/security/products/creative-cloud/apsb23-21.html

Adobe Substance 3D Stager 2.0.1 is a security update.
https://helpx.adobe.com/security/products/substance3d_stager/apsb23-22.html

Adobe Photoshop 23.5.4 and 24.2.1 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb23-23.html

Adobe ColdFusion 2018.16 and 2021.6 are security updates.
https://helpx.adobe.com/security/products/coldfusion/apsb23-25.html

Audacity 3.2.5 resolves a reliability bug with third-party auth. This is not a security update.
https://www.audacityteam.org/download/

Calibre 6.14.0 improves metadata controls and resolves several bugs. This is not a security update.
https://calibre-ebook.com/

GIMP 2.10.34 resolves several bugs. This is not a security update.
https://www.gimp.org/

ImageMagick 7.1.1-3 adds support for HEIC and resolves several bugs. This is not a security update.
https://imagemagick.org/

Kindle for PC 1.40.65535 doesn’t provide a changelog so should be treated as a security update.
https://www.amazon.com/kindleforpc

LibreOffice 7.4.6 resolves over 70 bugs. This is a security update.
https://www.libreoffice.org/

LibreOffice Fresh 7.5.1 resolves 90 bugs. This is a security update.
https://www.libreoffice.org/

Nextcloud Desktop 3.7.4 resolves several bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 8.5 updates libraries and resolves dozens of bugs. This is not a security update.
https://notepad-plus-plus.org/

OpenOffice 4.1.14 resolves several bugs. This is not a security update.
https://www.openoffice.org/download/

Paint.net 5.0.2 adds ability to invert Alpha channel, performance improvements, and resolves several bugs. This is not a security update.
https://www.getpaint.net/

PDF-XChange Editor 9.5.367.0 is a security update.
https://www.tracker-software.com/product/pdf-xchange-editor

Security Software Updates

One or more of these is likely to be of interest to most people.

Chainsaw 2.5.0 resolves several bugs. This is not a security update.
https://github.com/countercept/chainsaw

MalwareBytes Anti-Malware 4.5.23 is a security update.
https://www.malwarebytes.org/antimalware/

OpenSSL 3.1.0 is a security update.
https://slproweb.com/products/Win32OpenSSL.html

ProtonVPN 3.0.14 improves user interface. This is not a security update.
https://protonvpn.com/download

RogueKiller 15.8.1 resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

SanDisk PrivateAccess 6.3.12 doesn’t provide a changelog so should be treated as a security update.
https://support-en.wd.com/app/answers/detailweb/a_id/48025

Tails 5.10 is a security update.
https://tails.boum.org/install/dvd/index.en.html

TinyWall 3.3.1 resolves a couple bugs and releases it open source. This is not a security update.
https://tinywall.pados.hu/

uBlock Origin 1.47.4 resolves several bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

VT-CLI 0.13.0 adds a couple new features. This is not a security update.
https://github.com/VirusTotal/vt-cli/releases/latest

Capture Updates

These are unlikely to be of interest to most people.

Camtasia 22.5.1 resolves a dozen bugs. This is not a security update.
https://www.techsmith.com/video-editor.html

SnagIt 23.1.0 resolves dozens of bugs. This is a security update.
https://www.techsmith.com/screen-capture.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 12.1.0.1 adds support for new encodings. This is not a security update.
https://www.dvdfab.cn/download.htm

StreamFab 6.1.1.2 improves compatibility and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 1.0.1.5 adds conversion sampling and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Education updates

One or more of these are likely to be of interest to most people.

Zotero 6.0.23 resolves several bugs and improves compatibility. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password for Mac 8.10.1 resolves several bugs. This is not a security update.
https://1password.com/downloads/mac/

1Password for Windows 8.10.1 resolves several bugs. This is not a security update.
https://1password.com/downloads/windows/

Agent Ransack 2022.3367 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

AOMEI Partition Assistant 9.15.0 adds ability to reset Windows password and recover data. This is not a security update.
https://www.diskpart.com/

Beyond Compare 4.4.6.27483 improves compatibility. This is not a security update.
https://www.scootersoftware.com/download.php?zz=dl4

Bitwarden 2023.2.0 adds several new security and feature controls, adds new encryption options and adds desktop validation for new devices. This is not a security update.
https://bitwarden.com/

CPU-Z Installer 2.05 adds support for newer hardware. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

CurrPorts 2.70 adds dark mode and several new sort options. This is not a security update.
https://www.nirsoft.net/utils/cports.html

DesktopOK 10.71 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 3.2.279.0 resolves several bugs. This is not a security update.
https://dngrep.github.io/

Etcher 1.18.5 updates libraries. This is not a security update.
https://www.balena.io/etcher/

Everything Toolbar 1.0.3 resolves several bugs. This is not a security update.
https://github.com/stnkl/EverythingToolbar/

Fido 1.44 now prevents operation on non-Windows platforms. This is not a security update.
https://github.com/pbatard/Fido/releases

FileLocator Pro 2022.3367 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

Git SCM 2.40.0 is a security update.
https://git-scm.com/

Go 1.20.2 is a security update.
https://go.dev/

GoodSync 12.1.9 resolves several bugs. This is a security update.
https://www.goodsync.com/

HWMonitor 1.50 adds support for new hardware. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html

NetworkInterfacesView 1.27 adds a new column for Metric. This is not a security update.
https://www.nirsoft.net/utils/network_interfaces.html

NTLite 2023.3.9160 adds support for new features and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

OSForensics 10.0.1009 resolves several bugs. This is a security update.
https://www.osforensics.com/download.html

osquery 5.8.1 is a security update.
https://osquery.io/downloads

PowerToys 0.68.1 adds Paste as Plain Text, Mouse Jump, new GPO policies, and resolves several bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

ProcessMonitor 3.93 resolves several user interface and log file bugs. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/procmon

RoboForm 9.4.4 is a security update.
https://www.roboform.com/

Seagate DiscWizard 25.0.1.39868 doesn’t provide a changelog so should be treated as a security update.
https://www.seagate.com/support/downloads/item/discwizard-master-dl/

SimpleWMIView 1.53 adds Sort By option to the toolbar. This is not a security update.
https://www.nirsoft.net/utils/simple_wmi_view.html

TcpLogView 1.37 adds several sorting options and resolves a bug. This is not a security update.
https://www.nirsoft.net/utils/tcp_log_view.html

TeamViewer 15.39.6 resolves several bugs. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

Unity 2022.2.10 resolves dozens of bugs. This is not a security update.
https://unity3d.com/get-unity/download/archive

Ventoy 1.0.89 resolves several bugs. This is not a security update.
https://www.ventoy.net/en/index.html

WifiInfoView 2.78 adds new sorting options and updates the internal MAC address database. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html

WinRAR 6.21 resolves several bugs. This is not a security update.
https://www.rarlab.com/

WizFile 3.09 adds support for RegExp search, DrivePool, Storage Spaces, virtual drives, and resolves several bugs. This is not a security update.
https://antibody-software.com/wizfile/

ZoomText 2023 2023.2302.8.400 improves stability and resolves several bugs. This is not a security update.
https://support.freedomscientific.com/Downloads/ZoomText

Developer Updates

These are unlikely to be of interest to most people.

ADB 34.0.1 resolves a couple bugs. This is not a security update.
https://developer.android.com/studio/releases/platform-tools

Android Studio 2022.1.1.21 resolves several bugs. This is not a security update.
https://developer.android.com/studio

GitHub Desktop 3.2.0 resolves several bugs. This is not a security update.
https://desktop.github.com/

Inno Setup 6.2.2 is a security update.
https://www.jrsoftware.org/isdl.php

Node.js 19.7.0 updates dependencies and resolves dozens of bugs. This is not a security update.
https://nodejs.org/en/

Node.js 14.21.3 is a security update.
https://nodejs.org/en/

Node.js 16.19.1 is a security update.
https://nodejs.org/en/

Node.js 18.15.0 is a security update.
https://nodejs.org/en/

SQLite 3.41.1 resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.76.1 resolves several bugs. This is not a security update.
https://code.visualstudio.com/

Web Package Updates

These are likely to be of interest only to web developers.

Coppermine Gallery 1.6.22 resolves several bugs. This is not a security update.
https://coppermine-gallery.net/

Drupal 9.5.4 resolves several bugs. This is not a security update.
https://drupal.org/download

Joomla 4.2.9 is a security update.
https://www.joomla.org/

jQuery 3.6.4 adds selector forgiveness. This is not a security update.
https://code.jquery.com/

MailEnable Enterprise 10.45 is a security update.
https://www.mailenable.com/

MailEnable Enterprise 9.87 is a security update.
https://www.mailenable.com/

OpenPetra 2023.02 resolves several bugs. This is not a security update.
https://www.openpetra.org/

ownCloud Client 3.2.1.10355 resolves several bugs. This is not a security update.
https://owncloud.com/desktop-app/

Piwigo 13.6.0 is a security update.
https://piwigo.org/

YOURLS 1.9.2 improves compatibility and resolves several bugs. This is not a security update.
https://yourls.org/

BuddyPress 11.1.0 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/buddypress/

Contact Form 7 5.7.4 improves compatibility and resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Social Post Feed 4.1.8 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/custom-facebook-feed/

Sucuri Security 1.8.37 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

WooCommerce 7.5.0 is a security update.
https://wordpress.org/extend/plugins/woocommerce/

WP Cerber Security 9.5 resolves several bugs. This is not a security update.
https://wpcerber.com/

WPtouch 4.3.51 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/wptouch/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2022-12-13

Posted on December 13, 2022 by Shawn K. Hall

Merry Christmas, Folks!

Today is Patch Tuesday for December, 2022.

This month brings a new version of Windows 10 (v22H2), critical security updates for all supported Apple products, and (literally) new security updates every single week since the last update cycle on November 8th. That’s on top of the 150+ major hacks, and over 165 application updates this month. Prepare yourself, there will be about 4 GB of updates for most devices this month.

This Month in Technology

Over 15,000 websites, Abandonia2022, ABB Totalflow, Accuro, Acer UEFI Secure Boot, dozens of apps using the Algolia API, Amazon ECR, Amnesty International Canada, Android, Android OEM certificates, André-Mignot Hospital, Ankr, Antwerp, Belgium, Argentina de Soluciones Satelitales, Arkansas Department of Human Services, Atlassian Bitbucket Server, Bahrain, Bank of Russia, Boa web server, California’s Department of Finance, Canadian Teachers Union, Canon hardware, CareFirst Administrators, CCA Health Plans of California, Inc d/b/a CCA Health CA, Central Depository Services Ltd, Chiropractic Board of New Zealand, Cincinnati State Technical and Community College, Cisco IP phones, Citrix ADC and Gateway, CloudSEK, Codesys, CoinTracker, CommonSpirit Health, Community Health Network, Inc. as an Affiliated Covered Entity, Connexin Software, Consumer Directed Services In Texas, Inc., CorrectCare Integrated Health Inc, County of Tehama, California, Dallam Hartley Counties Hospital District, Deribit, Dermatology & Skin Cancer Ctr, PC, Dialpad, Inc., Dietitians Board of New Zealand, Docs Medical Inc, Doctors’ Center Hospital, Dr. Douglas C. Shoenberger,PC, Durham District School Board, Dutch LNG Terminal, Easton Cardiovascular, Ellen M. Field, M.D., Epic Management LLC, European Parliament, F5 BIG-IP and BIG-IQ, Fars News Agency, Festo, FortiOS SSL-VPN, FTX, GATE Petroleum Company Employee Benefits Plan, Gateway Rehabilitation Center, General Council of the Judiciary, GGCorp, Google Pixel 5 and 6, Google’s Looker Studio, GoTo, Guatemala’s Ministry of Foreign Affairs, Health Care Management Solutions, LLC, Health New Zealand, Hope Health Systems Inc., Hospital Center of Versailles, HP hardware, Hyundai and Genesis cars, Indian Central Board of Higher Education, Indian Community Health Network, Indian Council of Medical Research, Indian electrical grid operators, Innovative Service Technology Management Services, Inc., Kaiser Foundation Health Plan of the Mid-Atlantic States, Inc., Keralty Group, Lake Charles Memorial Health System, LastPass (again), Lehigh Valley Women’s Specialties, Lenovo UEFI Secure Boot, Lexmark hardware, Magento 2, Manassas Surgery Center Anesthesia Services, MaryAnne Freeman Brndjar, DO, PC, Medibank, Mena Regional Health System, Mercury IT, Microsoft Exchange, Mikrotik hardware, NETGEAR hardware, New York-Presbyterian Hospital, New Zealand Ministry of Justice, New Zealand Psychologists Board, New York-Presbyterian Hospital, a NY salon, NU House Calls, PC, Nuance Communications, Inc., OakBend Medical Center, One Brooklyn Health System, Optometrists and Dispensing Opticians Board of New Zealand, Oracle Fusion, Orange Telecom, Orlando Health, Pendurthi Surgical Associates, Peter J. Isaac, D.O., Physiotherapy Board of New Zealand, Plascar Participacoes Industriais, Podiatrists Board of New Zealand, Polsinelli PC, Quarkus Java Framework, Rackspace, Radio Free Asia, Receivables Performance Management, Restaurants in Cincinnati, Roman Catholic Church, Rosenfeld VanWirt, PC, Royal Mail, Samsung Galaxy S22, Sequoia One, Seville Urban Transport Company, Silverstone Circuit, Sobeys, Sonder, Sonos hardware, South Staffordshire Water, South Walton Fire District, Southampton County, Virginia, Sree Saran Medical Centre, Stanley Street Treatment and Resources, Inc., Synology hardware, Tata Power, Telstra, The Smith Family, TP-Link hardware, Tuloso-Midway Independent School District, Twitter, Uber, Ubiquiti hardware, University Medical Center of Southern Nevada, UOB KayHian, Uruguay’s Ministry of Transport and Public Works, the US government, VMware ESXi, VTB Bank, Western Digital hardware, Whoosh, Work Health Solutions, Wright & Filippis LLC, Xavier College, Yakima Neighborhood Health Services, Yale University, and the Zwijndrecht police have reportedly been hacked or compromised this month.

There’s another novel method for exfiltrating information from air-gapped devices: the power supply. Most US DoD contractors fail to implement basic security controls.

Windows updates last month broke DirectAccess, gaming performance, ODBC database connections, Remote Desktop, Task Manager, Windows Kerberos, caused Windows freezes and domain controller freezes.

Meta (Facebook and Instagram) has acknowledged they’ve been used by the US Military for propaganda.

Now for the good news:

Apple is finally adding end-to-end encryption for some iCloud backups.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is huge this month. The typical computer should see roughly 4 GB in updates today. Let’s get started.

Microsoft released updates to address 57 vulnerabilities in .NET Framework, Azure, Client Server Run-time Subsystem (CSRSS), Microsoft Bluetooth Driver, Microsoft Dynamics, Microsoft Edge (Chromium-based), Microsoft Graphics Component, Microsoft Office, Microsoft Office OneNote, Microsoft Office Outlook, Microsoft Office SharePoint, Microsoft Office Visio, Microsoft Windows Codecs Library, Windows Hyper-V, SysInternals, Windows Certificates, Windows Contacts, Windows DirectX, Windows Error Reporting, Windows Fax Compose Form, Windows HTTP Print Provider, Windows Kernel, Windows PowerShell, Windows Print Spooler Components, Windows Projected File System, Windows Secure Socket Tunneling Protocol (SSTP), Windows SmartScreen, Windows Subsystem for Linux, Windows Terminal and MSRT (~ 2.5 GB). This includes security updates. A reboot is required.

Apple released updates for iCloud for Windows 14.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.1.2, iOS 16.2 and iPadOS 16.2, macOS Big Sur 11.7.2, macOS Monterey 12.6.2, macOS Ventura 13.1, Safari 16.2, tvOS 16.1.1, tvOS 16.2, and watchOS 9.2. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 15.7.2, 16.1.2, and 16.2 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 15.7.2, 16.1.2, and 16.2 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 9.2 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 16.1.1 and 16.2 are security updates. Use System, Software Update to install the most current version.

Google Chrome OS 108.0.5359.75 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Fedora 37-1.7 is a major update, adding support for Raspberry Pi 4, new editions, and updates libraries. This is not a security update.
https://getfedora.org/en/workstation/download/

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

The release of macOS Monterey (12.x) means that macOS Mojave (10.14) and older are no longer supported. If you can not install at least macOS Big Sur (11) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

Windows 11 is still very young so I encourage you to wait a few more months before you consider switching to it.

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 22.11.2 resolves several bugs. This is not a security update.
https://www.amd.com/en/support

Display Driver Uninstaller 18.0.5.9 improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

DS4Windows 3.1.11 resolves several bugs. This is not a security update.
https://github.com/Ryochan7/DS4Windows/releases/latest

Garmin Express 7.15.2 doesn’t provide a detailed changelog so should be treated as a security update.
https://www.garmin.com/en-US/software/express/

NVcleanstall 1.14.0 resolves several bugs. This is not a security update.
https://www.techpowerup.com/download/techpowerup-nvcleanstall/

Nvidia Driver 474.06 is a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Drivers by Seagull 2022.3 adds support for over 200 new devices. This is not a security update.
https://www.seagullscientific.com/support/downloads/drivers/

Wacom Driver 6.4.0-11 resolves several bugs. This is not a security update.
https://www.wacom.com/en-us/support/product-support/drivers

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.46.134 is a security update. Use Menu, Help, About to install the most current version.
https://brave.com/

Google Chrome 108.0.5359.98 is a security update. Use Menu, Help, About to install the most current version.
https://www.google.com/chrome/

Microsoft Edge 108.0.1462.46 is a security update. Use Menu, Help, About to install the most current version.
https://www.microsoft.com/en-us/edge/business/download

Firefox 108.0 is a security update. Use Menu, Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/new/

Vivaldi 5.6.2867.40 is a security update. Use Menu, Help, About to install the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Mailspring 1.10.7 resolves a couple bugs and improves cosmetic options. This is not a security update.
https://getmailspring.com/

OutlookAttachView 3.47 adds option to cancel scan with Esc key. This is not a security update.
https://www.nirsoft.net/utils/outlook_attachment.html

Spark 3.2.1.40643 resolves many bugs. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.2.1.40641 resolves many bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 102.6 is a security update. Use Menu, Help, About to install the most current version.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk (macOS) 7.0.0 resolves several bugs and improves interface and Settings. This is not a security update.
https://anydesk.com/en/downloads

BrowsingHistoryView 2.53 adds multiple profile support to several browsers and adds the ability to cancel scan with the Esc key. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

DNSDataView 1.70 adds support for collecting A records of all PTR record. This is not a security update.
https://www.nirsoft.net/utils/dns_records_viewer.html

Dropbox 162.4.5419 resolves several bugs. This is not a security update.
https://www.dropbox.com/

Facebook Messenger 172.0.0.23.215 is a security update.
https://www.messenger.com/download

FileZilla Client 3.62.2 resolves several bugs. This is not a security update.
https://filezilla-project.org/

FileZilla Server 1.6.1 resolves an installation bug and improves certificate controls. This is not a security update.
https://filezilla-project.org/

FreeFileSync 11.28 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 68.0 resolves several bugs. This is not a security update.
https://drive.google.com/start

Microsoft Teams 1.5.00.33362 adds HOSI support for compatible hardware. This is not a security update.
https://teams.microsoft.com/downloads

Minds (Android) 4.30.1 resolves several bugs. This is not a security update.
https://www.minds.com/

Nextcloud Server 25.0.2 resolves dozens of bugs. This is a security update.
https://nextcloud.com/

Omada Software Controller 5.7.4 improves the user interface, adds several new options, and resolves several bugs. This is a security update.
https://www.tp-link.com/us/support/download/omada-software-controller/

Pocketnet-Core 0.20.29 resolves several bugs. This is not a security update.
https://pocketnet.app/

Pocketnet-GUI 0.8.34 resolves several bugs. This is not a security update.
https://pocketnet.app/

Qbox 4.0.5.35 doesn’t provide a changelog so should be treated as a security update.
https://www.coraltreetech.com/qbox

Rclone 1.60.1 resolves several bugs and improves compatibility. This is not a security update.
https://rclone.org/

Signal 6.0.1 adds Stories support. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 6.3.6 adds donation support. This is not a security update.
https://signal.org/android/apk/

Skype 8.91.0.404 adds universal translation and resolves several bugs. This is not a security update.
https://www.skype.com/

Syncthing 1.22.2 resolves several bugs and updates libraries. This is not a security update.
https://syncthing.net/

Technitium DNS Server 10.0.1 adds several features and resolves bugs. This is a security update.
https://technitium.com/dns/

Telegram 4.4.1 resolves several bugs. This is not a security update.
https://telegram.org/

Telegram (Android) 9.2.1 doesn’t provide a detailed changelog so should be treated as a security update.
https://telegram.org/apps

TP-Link Archer AX21 v1.3.6 is a security update.
https://www.tp-link.com/us/support/download/archer-ax21/v1.20/#Firmware

WinSCP 5.21.6 is a security update.
https://winscp.net/eng/index.php

Zoom 5.12.9.10650 improves policy controls, CC and translation, and resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

Bitwig Studio 4.4.3 fixes a couple stability bugs. This is not a security update.
https://www.bitwig.com/download/

Picard 2.8.5 resolves several bugs. This is a security update.
https://picard.musicbrainz.org/

Plex Desktop 1.59.1.3398 adds support for AV1 and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.30.1.3391 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.30.0.6486 adds pattern matching, improves scheduled tasks, and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

VLC Media Player 3.0.18 is a security update.
https://www.videolan.org/vlc/

Game Updates

These are unlikely to be of interest to most people.

GameMaker Studio 2022.11.0.54 resolves dozens of bugs and improves usability. This is not a security update.
https://www.yoyogames.com/en/gamemaker

GDevelop 5.1.152 adds new features, including monetization through assets, and resolves several bugs. This is not a security update.
https://gdevelop.io/download

Lego Studio 2.22.12.1 resolves several bugs. This is not a security update.
https://www.lego.com/en-us/ldd

Steam 2022.12.01 resolves 20 bugs. This is not a security update.
https://steamcommunity.com/news/client

SteamOS SteamDeck Update 2022-11-21 resolves many bugs including hardware compatibility, performance and stability issues. This is not a security update.
https://store.steampowered.com/news/app/1675200/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Campaign Classic 7.3.2 and 8.4.2 are security updates.
https://helpx.adobe.com/security/products/campaign/apsb22-58.html

Adobe Experience Manager 2022.10.0 and 6.5.15.0 resolve almost three dozen security vulnerabilities.
https://helpx.adobe.com/security/products/experience-manager/apsb22-59.html

Illustrator 2023 27.0.1 and 2022 26.5.2 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb22-60.html

Artweaver 7.0.14 resolves several bugs. This is not a security update.
https://www.artweaver.de/

Atom 1.63.1 is the final release of Atom before it is to be EOL in a couple days. Please switch to another editor.
https://atom.io/

Audacity 3.2.2 adds VST2 realtime effect support and resolves several bugs. This is not a security update.
https://www.audacityteam.org/download/

Calibre 6.9.0 adds signing to all binaries and resolves several bugs. This should be treated as a security update.
https://calibre-ebook.com/

Inkscape 1.2.2 resolves dozens of bugs. This is not a security update.
https://inkscape.org/release/

Kindle for PC 1.39.65383 doesn’t provide a changelog so should be treated as a security update.
https://www.amazon.com/kindleforpc

LibreOffice Fresh 7.4.3 resolves 100 bugs. This is a security update. Remember that the Fresh line is beta software. Most users should use the Still line.
https://www.libreoffice.org/

Nextcloud Desktop 3.6.4 improves stability. This is not a security update.
https://nextcloud.com/

PDF-XChange Editor 9.5.366.0 resolves several bugs. This is not a security update.
https://www.tracker-software.com/product/pdf-xchange-editor

Security Software Updates

One or more of these is likely to be of interest to most people.

Chainsaw 2.3.0 improves culprit tracking. This should be treated as a security update.
https://github.com/countercept/chainsaw

HTTP Toolkit 1.12.1 doesn’t provide a changelog so should be treated as a security update.
https://httptoolkit.tech/

MalwareBytes Anti-Malware Mac 4.17.8 adds support for macOS Ventura/13. This is not a security update.
https://www.malwarebytes.com/mac/

ProtonVPN 2.3.1 improves user interface. This is not a security update.
https://protonvpn.com/download

ProtonVPN (macOS) 3.0.10 improves the user interface. This is not a security update.
https://protonvpn.com/download

Radmin VPN 1.3.4568.3 adds ability to add exceptions from within the software. This is not a security update.
https://www.radmin-vpn.com/

RogueKiller 15.6.3 updates engine and resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

Tails 5.7 is a security update.
https://tails.boum.org/install/dvd/index.en.html

uBlock Origin 1.45.2 resolves a couple bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

Velociraptor 0.6.7 adds PGP automation and resolves several bugs. This is not a security update.
https://github.com/Velocidex/velociraptor/releases/latest

WebBrowserPassView 2.12 adds High-DPI support and improves portable browser support. This is not a security update.
https://www.nirsoft.net/utils/web_browser_password.html

Capture Updates

These are unlikely to be of interest to most people.

Camtasia 22.4.1 resolves several bugs. This is not a security update.
https://www.techsmith.com/video-editor.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 12.0.9.4 adds support for new encodings. This is not a security update.
https://www.dvdfab.cn/download.htm

iMazing HEIC Converter 2.0.3 doesn’t provide a changelog so should be treated as a security update.
https://imazing.com/heic

IsoBuster 5.1 adds support for reading the FAT directly, improves performance and stability, and resolves dozens of bugs. This is not a security update.
https://www.isobuster.com/download.php

PDF Creator 5.0.3 resolves several bugs. This is not a security update.
https://www.pdfforge.org/pdfcreator

StreamFab 6.0.0.7 adds support for new encodings and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

Education updates

One or more of these are likely to be of interest to most people.

Zotero 6.0.18 resolves a merge bug. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password for Mac 8.9.10 improves 2FA support and compatibility, and resolves dozens of bugs. This is not a security update.
https://1password.com/downloads/mac/

1Password for Windows 8.9.10 improves 2FA support and compatibility, and resolves dozens of bugs. This is not a security update.
https://1password.com/downloads/windows/

Agent Ransack 2022.3349 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

Bitwarden 2022.11.0 implements 2-step authentication and resolves several bugs. This is not a security update.
https://bitwarden.com/

CCleaner 6.06.10144 adds and improves cleanup for over a dozen applications. This is not a security update.
https://www.ccleaner.com/

Cygwin 3.4.1 resolves several bugs. This is not a security update.
https://cygwin.com/

DesktopOK 10.51 improves compatibility with Windows 11. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 3.1.197.0 adds recycle bin support, resolves several bugs, and improves bookmark behavior. This is not a security update.
https://dngrep.github.io/

Etcher 1.10.6 updates dependencies. This is not a security update.
https://www.balena.io/etcher/

FileLocator Pro 2022.3349 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

Git SCM 2.39.0 resolves several bugs. This is not a security update.
https://git-scm.com/

Go 1.19.4 is a security update.
https://go.dev/

GoodSync 12.1.2 resolves dozens of bugs. This is not a security update.
https://www.goodsync.com/

Homedale 2.04 removes log headers and updates languages. This is not a security update.
https://www.the-sz.com/products/homedale/

HWMonitor 1.48 adds support for new hardware. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html

NetConnectChoose 1.10 adds Metric column and resolves a network selection bug. This is not a security update.
https://www.nirsoft.net/utils/net_connect_choose.html

NTLite 2.3.9.9018 improves compatibility and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

OSForensics 10.0.1006 resolves several bugs. This is not a security update.
https://www.osforensics.com/download.html

osquery 5.6.0 resolves several bugs, adds new columns and controls. This is not a security update.
https://osquery.io/downloads

AOMEI Partition Assistant 9.13.0 resolves several bugs. This is not a security update.
https://www.diskpart.com/

PointerStick 6.11 improves compatibility with Windows 11. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

PowerToys 0.65.0 upgrades dependencies and resolves a couple bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

Process Explorer 17.02 resolves stability bugs. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/process-explorer

RoboForm 9.3.8 resolves several bugs. This is not a security update.
https://www.roboform.com/

Rufus 3.21 updates dependencies, libraries, and resolves several bugs. This is not a security update.
https://rufus.ie/en_US/

ScreenConnect 22.9.10589.8370 resolves dozens of bugs including stability and reliability. This is a security update.
https://www.connectwise.com/software/control/download

Sysmon 14.13 resolves a stability bug. This is a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon

TeamViewer 15.36.9 improves terminal and scripting support. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

TraceRouteOK 3.22 improves compatibility with Windows 11. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/TraceRouteOK

Unity 2022.2.0 resolves over a hundred bugs. This is not a security update.
https://unity3d.com/get-unity/download/archive

WinScan2PDF 8.31 improves compatibility with Windows 11. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WizTree 4.12 resolves a couple bugs. This is not a security update.
https://www.diskanalyzer.com/

ZoomText 2022 2022.2211.5.400 improves integration and stability, and resolves several bugs. This is not a security update.
https://support.freedomscientific.com/Downloads/ZoomText

ZoomText 2023 2023.2210.28.400 is a new major version adding tethered view and improves compatibility. This is not a security update.
https://support.freedomscientific.com/Downloads/ZoomText

Developer Updates

These are unlikely to be of interest to most people.

AutoHotkey 1.1.36.02 resolves several bugs. This is not a security update.
https://www.autohotkey.com/download/

Docker Desktop 4.14.1 improves stability and performance, adds WebAssembly support, user interface improvements, upgrades libraries and resolves several bugs. This is not a security update.
https://www.docker.com/products/docker-desktop

Node.js 14.21.2 updates certificates and timezone information. This should be treated as a security update.
https://nodejs.org/en/

Node.js 16.19.0 updates certificates and timezone information. This should be treated as a security update.
https://nodejs.org/en/

Node.js 19.2.0 updates libraries and resolves over a dozen bugs. This is not a security update.
https://nodejs.org/en/

SQLite 3.40.0 improves support for data recovery, performance, and reliability. This is a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.74 adds several new features. This is not a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 7.0.4 resolves over a dozen bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Drupal 9.4.9 resolves several bugs. This is not a security update.
https://drupal.org/download

HumHub 1.12.3 resolves several bugs. This is not a security update.
https://www.humhub.com/en/download

Joomla 4.2.6 improves compatibility and resolves several bugs. This is not a security update.
https://www.joomla.org/

jQuery 3.6.2 improves compatibility and resolves several bugs. This is not a security update.
https://code.jquery.com/

MailEnable 9.86 is a security update.
https://www.mailenable.com/

MailEnable 10.43 is a security update.
https://www.mailenable.com/

ownCloud Client 3.0.0.9215 resolves dozens of bugs. This is not a security update.
https://owncloud.com/desktop-app/

Piwigo 13.3.0 resolves several bugs. This is not a security update.
https://piwigo.org/

SMF 2.1.3 resolves dozens of bugs. This should be treated as a security update.
https://www.simplemachines.org/

WordPress 6.1.1 resolves dozens of bugs. This is not a security update.
https://wordpress.org/

Akismet 5.0.2 is a security update.
https://wordpress.org/extend/plugins/akismet/

Autoptimize 3.1.4 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/autoptimize/

Contact Form 7 5.7 resolves dozens of bugs and improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Duplicator 1.5.1 adds support for the latest build of WordPress and resolves several bugs. This is a security update.
https://wordpress.org/plugins/duplicator/#developers

Redirection 5.3.6 improves translations. This is not a security update.
https://wordpress.org/extend/plugins/redirection/

Simple Lightbox 2.9.3 resolves several bugs and improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/simple-lightbox/

Sucuri Security 1.8.36 is a cosmetic update. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

W3 Total Cache 2.2.9 improves translation support. This is not a security update.
https://wordpress.org/extend/plugins/w3-total-cache/

WooCommerce 7.1.1 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

WPtouch 4.3.46 is a security update.
https://wordpress.org/extend/plugins/wptouch/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2022-10-11

Posted on October 11, 2022 by Shawn K. Hall

Welcome back, Folks!

Today is Patch Tuesday for October, 2022. This month brings a new major version of Windows 11, and impending new version of Windows 10. That’s on top of the 120 major hacks, and another 150+ application updates this month. This is actually the lightest month we’ve had in a while, with less than 3 GB of updates for most users.

This Month in Technology

MEC has shared with us why Microsoft Exchange has proven to be such a large target. 350+ million email accounts spread across over 300,000 physical servers, where (demonstrably) security lapses are commonplace. Even with that, it has nothing to do with the recent spate of outlook crashes or certificate issues on MS products.

There’s more evidence demonstrating the risk of pirated software. Twitter neglected to log out devices after password resets. And Dell drivers are being used to hijack computers.

The newest version of Windows 11 was released less than 3 weeks ago. It has problems. Among the many issues with the latest release of Windows 11 include
file copy performance, Windows Hello failure, provisioning, Remote Desktop, printer issues, Intel audio, NVIDIA GeForce Experience, and NVIDIA gaming performance, and those are just the ones that have made the news so far. If you’re planning to upgrade to the latest build of Windows 11, wait another month or two.

Now for the good news:

It turns out the theoretial protection of tinfoil hats may have actually been a government conspiracy. Really. How is this good news? You don’t have to worry about making sure you have tinfoil available anymore! 🙂

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is huge this month. The typical computer should see roughly
GB in updates today. Let’s get started.

Windows 11 22H2 (22621) is a major update for Windows 11, but it has been plagued with issues over the last couple weeks. Give it time before you willingly update.

Microsoft released updates to address 90 vulnerabilities in Active Directory Domain Services, Azure, Azure Arc, Client Server Run-time Subsystem, Microsoft Edge, Microsoft Graphics Component, Microsoft Office, Microsoft Office 365 2209 (15629.20156), Microsoft Office SharePoint, Microsoft Office Word, Microsoft WDAC OLE DB provider for SQL, NuGet Client, Remote Access Service Point-to-Point Tunneling Protocol, Role: Windows Hyper-V, Service Fabric, Visual Studio Code, Windows Active Directory Certificate Services, Windows ALPC, Windows CD-ROM Driver, Windows COM+ Event System Service, Windows Connected User Experiences and Telemetry, Windows CryptoAPI, Windows Defender, Windows DHCP Client, Windows Distributed File System, Windows DWM Core Library, Windows Event Logging Service, Windows Group Policy, Windows Group Policy Preference Client, Windows Internet Key Exchange Protocol, Windows Kernel, Windows Local Security Authority, Windows Local Security Authority Subsystem Service, Windows Local Session Manager, Windows NTFS, Windows NTLM, Windows ODBC Driver, Windows Perception Simulation Service, Windows Point-to-Point Tunneling Protocol, Windows Portable Device Enumerator Service, Windows Print Spooler Components, Windows Resilient File System, Windows Secure Channel, Windows Security Support Provider Interface, Windows Server Remotely Accessible Registry Keys, Windows Server Service, Windows Storage, Windows TCP/IP, Windows USB Serial Driver, Windows Web Account Manager, Windows Win32K, Windows WLAN Service, Windows Workstation Service, and MSRT (~2 GB). This includes security updates. A reboot is required.

Apple released updates for iOS 16.0.3 and watchOS 9.0.2. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS iOS 16.0.3 is a security update. Use Settings, General, Software Update to install the most current update.

watchOS 9.0.2 is a security update. Use the Watch app on your iPhone to install the most current version.

Google Chrome OS 105.0.5195.134 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

The release of macOS Monterey (12.x) means that macOS Mojave (10.14) and older are no longer supported. If you can not install at least macOS Catalina (10.15) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v21H2) is very large so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 12 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is still very young so I encourage you to wait a few more months before you consider switching to it.

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 22.10.1 improves stability. This is not a security update.
https://www.amd.com/en/support

Crucial Storage Executive 8.03 does not provide a changelog so should be treated as a security update.
https://www.crucial.com/support/storage-executive

Display Driver Uninstaller 18.0.5.5 improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

DS4Windows 3.1.6 resolves dozens of issues. This is not a security update.
https://github.com/Ryochan7/DS4Windows/releases/latest

Epson ET-4800 3.01 adds support for newer Remote Print Driver and Epson Photo+ Software. This is not a security update.
https://epson.com/Support/Printers/All-In-Ones/ET-Series/Epson-ET-4800/s/SPT_C11CJ65201

Garmin Express 7.14.0 doesn’t provide a changelog so should be treated as a security update.
https://www.garmin.com/en-US/software/express/

Intel Driver and Support Assistant 22.6.39 resolves several bugs and improves feedback. This is not a security update.
https://www.intel.com/p/en_US/support/detect

Netgear Nighthawk R7960P 1.4.4.94 is a security update.
https://www.netgear.com/support/product/R7960P.aspx#download

Wacom Driver 6.4.0-8 adds support for newer hardware. This is not a security update.
https://www.wacom.com/en-us/support/product-support/drivers

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.44.108 is a security update.
https://brave.com/

Google Chrome 106.0.5249.103 is a security update.
https://www.google.com/chrome/

Microsoft Edge 106.0.1370.34 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Firefox 105.0.3 is a security update.
https://www.mozilla.org/en-US/firefox/new/

SeaMonkey 2.53.14 is a security update.
https://www.seamonkey-project.org/

Vivaldi 5.5.2805.35 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

NK2Edit 3.45 resolves several bugs. This is not a security update.
https://www.nirsoft.net/utils/outlook_nk2_edit.html

OutlookAttachView 3.46 improves visual feedback. This is not a security update.
https://www.nirsoft.net/utils/outlook_attachment.html

Thunderbird 102.3.2 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

BrowsingHistoryView 2.52 improves visual feedback. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

Dropbox 158.4.4564 resolves several bugs. This is not a security update.
https://www.dropbox.com/

Facebook Messenger 164.0.0.8.109 is a security update.
https://www.messenger.com/download

FileZilla Client 3.61.0 should be treated as a security update.
https://filezilla-project.org/

FreeFileSync 11.26 improves performance and resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 64.0.4 resolves several bugs. This is not a security update.
https://drive.google.com/start

Microsoft Teams 1.5.00.21668 adds support for Apple Silicon, group chat reply suggestions, and improves management features. This is not a security update.
https://teams.microsoft.com/downloads

Mumble 1.4.287 improves compatibility. This is not a security update.
https://www.mumble.info/

Nextcloud Server 24.0.6 resolves dozens of bugs. This is not a security update.
https://nextcloud.com/

Rclone 1.59.2 improves stability. This is not a security update.
https://rclone.org/

Signal 5.62.0 resolves several bugs and improves contact property view. This is not a security update.
https://signal.org/download/windows/

Skype 8.88.0.401 improves stability. This is not a security update.
https://www.skype.com/

Syncthing 1.22.0 resolves several bugs. This is not a security update.
https://syncthing.net/

Technitium DNS Server 9.1 adds certbot support, dashboard improvements, and several other features. This is not a security update.
https://technitium.com/dns/

Telegram 4.2.4 resolves several bugs. This is not a security update.
https://telegram.org/

WinSCP 5.21.5 is a security update.
https://winscp.net/eng/index.php

Zoom 5.12.2.9281 is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

Bitwig Studio 4.4 improves stability, adds new audio FX packages, and new “spectral devices.” This is not a security update.
https://www.bitwig.com/download/

darktable 4.0.1 resolves dozens of bugs. This is not a security update.
https://www.darktable.org/

MediaMonkey 5.1 resolves several bugs. This is not a security update.
https://www.mediamonkey.com/windows#download

Plex Desktop 1.55.0.3278 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.26.1.3276 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.29.0.6244 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Epic Games 14.2.4 resolves several bugs. This is not a security update.
https://www.epicgames.com/

GameMaker Studio 2022.9.0.49 improves stability. This is not a security update.
https://www.yoyogames.com/en/gamemaker

Lego Studio 2.22.9.3 resolves several bugs. This is not a security update.
https://www.lego.com/en-us/ldd

Nintendo Switch 15.0.0 improves stability, changes a menu, and adds ability to take screenshots in NSO. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PS4 10.01 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps4/system-software/

PS5 22.02-06.00.01 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2022.10.06 resolves several bugs. This is not a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Animate 21.0.12 and 22.0.8 are security updates.
https://helpx.adobe.com/security/products/animate/apsb22-54.html

Adobe Bridge 12.0.3 and 11.1.4 are security updates.
https://helpx.adobe.com/security/products/bridge/apsb22-49.html

Adobe Experience Manager CS and 6.5.14.0 are security updates.
https://helpx.adobe.com/security/products/experience-manager/apsb22-40.html

Adobe Illustrator 26.5 and 25.4.8 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb22-55.html

Adobe InCopy 17.4 and 16.4.3 are security updates.
https://helpx.adobe.com/security/products/incopy/apsb22-53.html

Adobe InDesign 17.4 and 16.4.3 are security updates.
https://helpx.adobe.com/security/products/indesign/apsb22-50.html

Adobe Photoshop 22.5.9 and 23.5 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb22-52.html

Adobe Reader DC 22.003.20258 is a security update.
https://get.adobe.com/reader

Audacity 3.2.1 improves stability. This is not a security update.
https://www.audacityteam.org/download/

Blender 3.3.1 adds hair geometry, improves deforming tools, and several other features. This is not a security update.
https://www.blender.org/download/

Krita 5.1.1 resolves several bugs. This is not a security update.
https://krita.org/en/download/krita-desktop/

LibreOffice Fresh 7.4.1 resolves dozens of bugs. This is not a security update.
https://www.libreoffice.org/

Notepad++ 8.4.6 adds change history markers and tab context menu improvements. This is not a security update.
https://notepad-plus-plus.org/

PDF-XChange Editor 9.4.364.0 is a security update.
https://www.tracker-software.com/product/pdf-xchange-editor

Calibre 6.6.1 resolves several bugs. This is not a security update.
https://calibre-ebook.com/

Kindle for PC 1.39.65306 doesn’t provide a changelog so should be treated as a security update.
https://www.amazon.com/kindleforpc

Security Software Updates

One or more of these is likely to be of interest to most people.

Chainsaw 2.1.1 resolves several bugs. This is not a security update.
https://github.com/countercept/chainsaw

HTTP Toolkit 1.11.0 doesn’t provide a changelog so should be treated as a security update.
https://httptoolkit.tech/

OnionShare 2.6 adds several new features. This is a security update.
https://onionshare.org/

OpenSSL 3.0.6 is a security update.
https://www.openssl.org/source/

OpenSSL 1.1.1r is a security update.
https://www.openssl.org/source/

OSFClone 1.4.1000 updates libraries and core OS. This is a security update.
https://www.osforensics.com/tools/create-disk-images.html

ProtonVPN 2.1.1 is a cosmetic update. This is not a security update.
https://protonvpn.com/download

ProtonVPN for macOS 3.0.3 is a cosmetic update. This is not a security update.
https://protonvpn.com/download

ReactOS 0.4.14.24 resolves dozens of bugs. This should be treated as a security update.
https://reactos.org/

uBlock Origin 1.44.4 resolves the broken :not() operator. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

VT-CLI 0.10.3 adds directory scanning and improves compatibility. This is not a security update.
https://github.com/VirusTotal/vt-cli/releases/latest

Capture Updates

These are unlikely to be of interest to most people.

Open Broadcaster Software 28.0.3 resolves several bugs. This is not a security update.
https://obsproject.com/

ScreenToGif 2.37.1 resolves several bugs to improves compatibility. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

SnagIt 22.1.2 resolves an activation bug. This is not a security update.
https://download.techsmith.com/snagit/releases/snagit.msi

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 12.0.8.9 adds support for new encodings and improved hardware support. This is not a security update.
https://www.dvdfab.cn/download.htm

iMazing HEIC Converter 2.0.2 doesn’t provide a changelog. This is not a security update.
https://imazing.com/heic

PDF Creator 5.0 is a major update adding new features and organizational tools. This is not a security update.
https://www.pdfforge.org/pdfcreator

StreamFab 5.0.5.6 resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

Education updates

One or more of these are likely to be of interest to most people.

Zotero 6.0.15 adds split view improvements, adds math support, PDF improvements, and resolves several bugs. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

BgInfo 4.32 now reports Windows Insider builds. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/bginfo

Bitwarden 2022.9.1 resolves several bugs. This is not a security update.
https://bitwarden.com/

CCleaner 6.04.10044 resolves several bugs. This is not a security update.
https://www.ccleaner.com/

Coreinfo 3.6 adds and option to measure inter-CPU latency. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/coreinfo

DesktopOK 10.34 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

Etcher 1.7.9 adds update notification and resolves several bugs. This is not a security update.
https://www.balena.io/etcher/

Everything 1.4.1.1022 is a security update.
https://www.voidtools.com/

Everything CLI 1.1.0.26 adds -exit, -reindex, and -utf8bom options, and resolves a Unicode write bug. This is not a security update.
https://www.voidtools.com/

Fido 1.35 is the fourth compatibility release for Windows 11 22H2. This is not a security update.
https://github.com/pbatard/Fido/releases

Git SCM 2.38.0 resolves over a dozen bugs. This is not a security update.
https://git-scm.com/

Go 1.19.2 is a security update.
https://go.dev/

GoodSync 12.0.7 resolves several bugs. This is not a security update.
https://www.goodsync.com/

grepWin 2.0.11 resolves several bugs. This is not a security update.
https://github.com/stefankueng/grepWin/releases/latest

Kingston SSD Manager 1.5.2.4 doesn’t provide a changelog so should be treated as a security update.
https://www.kingston.com/us/support/technical/ssdmanager

NTLite 2.3.8.8945 improves compatibility. This is not a security update.
https://www.ntlite.com/download/

OSForensics 10.0.1004 improves documentation and reports, and updates several features. This is not a security update.
https://www.osforensics.com/download.html

PowerToys 0.63.0 resolves several bugs and updates dependencies. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

ScreenConnect 22.8.9612.8308 adds key rotation, improved session management, improved compatibility and resolves several bugs. This is a security update.
https://www.connectwise.com/software/control/download

Sysmon 14.1 adds monitoring for FileBlockShredding events. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon

TaskSchedulerView 1.72 improves high-DPI compatibility. This is not a security update.
https://www.nirsoft.net/utils/task_scheduler_view.html

TeamViewer 15.34.4 improves multi-tab display. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

Unity 2022.1.19 resolves dozens of bugs. This is not a security update.
https://unity3d.com/get-unity/download/archive

WinGet 1.3.2691 updates dependencies. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest

Developer Updates

These are unlikely to be of interest to most people.

Android Studio 2021.3.1.16 improves wear OS compatibility. This is not a security update.
https://developer.android.com/studio

AutoIt 3.3.16.1 resolves several bugs. This is not a security update.
https://www.autoitscript.com/autoit3/docs/history.htm

GitHub Desktop 3.1.1 resolves several bugs. This is not a security update.
https://desktop.github.com/

MySQL Server 8.0.31 resolves dozens of bugs. This is not a security update.
https://dev.mysql.com/downloads/installer/

MySQL ConnectorNet 8.0.31 resolves several bugs. This is not a security update.
https://dev.mysql.com/downloads/connector/net/

Node.js 14.20.1 is a security update.
https://nodejs.org/en/

Node.js 16.17.1 is a security update.
https://nodejs.org/en/

Node.js 18.10.0 is a security update.
https://nodejs.org/en/

SQLite 3.39.4 resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

TortoiseSVN 1.14.5 resolves several bugs. This is not a security update.
https://tortoisesvn.net/downloads.html

Visual Studio Code 1.72.1 is a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 7.0.0 is a major update adding full encryption support, cloud interop connectivity, new hardware virtualization features and resolves several bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Coppermine Gallery 1.6.20 improves compatibility. This is not a security update.
https://coppermine-gallery.net/

Drupal 9.4.8 is a security update.
https://drupal.org/download

Joomla 4.2.3 resolves several bugs. This is not a security update.
https://www.joomla.org/

MailEnable 10.42 and 9.85 are security updates.
https://www.mailenable.com/

Piwigo 13.0.0 adds several new features and updates compatibility options. This is not a security update.
https://piwigo.org/

Akismet 5.0.1 resolves several bugs.
https://wordpress.org/extend/plugins/akismet/

Autoptimize 3.1.2 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/autoptimize/

myStickymenu 2.6.1 removes the contact form character limit. This is not a security update.
https://wordpress.org/extend/plugins/mystickymenu/

Postie 1.9.62 resolves a timezone bug. This is not a security update.
https://wordpress.org/extend/plugins/postie/

Redirection 5.3.4 resolves a “not” bug. This is not a security update.
https://wordpress.org/extend/plugins/redirection/

Simple Lightbox 2.9.2 should be treated as a security update.
https://wordpress.org/extend/plugins/simple-lightbox/

Slider Revolution 6.6.3 resolves a couple bugs. This is not a security update.
https://revolution.themepunch.com/

W3 Total Cache 2.2.6 resolves a Cloudfront compatibility bug. This is not a security update.
https://wordpress.org/extend/plugins/w3-total-cache/

WP Mail SMTP 3.6.1 resolves several bugs and improves debug controls. This is not a security update.
https://wordpress.org/extend/plugins/wp-mail-smtp/

WooCommerce 6.9.4 resolves dozens of bugs. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

WordPress Importer 0.8 improves compatibility and resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/wordpress-importer/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2022-07-12

Posted on July 12, 2022 by Shawn K. Hall

Welcome back, Folks!

Today is Patch Tuesday for July, 2022. You know how you say something like “biggest update series in well over a year” and the next month just blows that out of the water? We’re there now.

This Month in Technology

Advocates, Inc., Aerojet Rocketdyne, Alabama Eye & Cataract, P.C., Alameda Health System, Aloha Laser Vision, Amagasaki, Japan, Amazon Photos, AMD, Anker Eufy, Aon, Aruba Networks Switches, ATC Healthcare, Bangladeshi government, Bank of the West, Baptist Medical Center and Resolute Health Hospital, Bayhealth Medical Center, Inc., BeanVPN, Benefit Plan Administrators, Inc., Bookchor, Bourse des Vols, Capital Economics, Carnival Corporation, Carolina Behavioral Health Alliance, Carolina Eyecare Physicians, LLC, Catholic Health System, Center for Sight, Inc., Central Florida Inpatient Medicine, Charlotte Radiology, Cherry Creek Eye Physicians and Surgeons, P.C., CHRISTUS Spohn Health System Corporation, Cisco Secure Email, Cisco VPN routers, Citrix Application Delivery Management, CoDeSys Automation Software, Community of Hope D.C., Crema Finance, Customer.io, Disneyland’s Facebook and Instagram accounts, DivX SubTitles, Django, DTEK Group, ExpressLRS, Fast Shop, Flagstar Bank, Florida Birth-Related Neurological Injury Compensation Association, Foxhall Ob Gyn Associates, Geographic Solutions, Gol Tours LTD, Grab, Harmony, Hillrom Medical, Honda cars, Hudson Regional Hospital, IBM, Ignitis Group, Indian Flood Monitors, Indian government, thousands of industrial devices, Israeli Defense, Kaiser Foundation Health Plan of Washington, Kaiser Permanente, Kernersville Eye Surgeons, P.C., Khouzestan Steel Company, almost a million Kubernetes clusters, La Poste Mobile, Latvian government, Lithuanian government, Long Vision Center, Macmillan Publishing, Mangatoon, Marriott International, Massachusetts Child and Family Services, Inc., Mattax Neu Prater Eye Center, Inc., MCG Health and Eye Care Leaders, Medical University of Innsbruck, MEGA, Michigan Avenue Immediate Care, Microsoft Azure FabricScape, Microsoft Exchange, Microsoft Windows Domain Servers, Mitel VoIP, New Jersey Health Information Management, Nichirin-Flex U.S.A., North American Spine Society, Norway govt sites, OpenSea, OrthoNebraska, Phelps Care Regional Medical Center, Preferred Hospital Leasing Coleman Inc., Professional Finance Company, Renton School District, Resolute Health Hospital, Rodeo Pharmacy Inc, Shanghai National Police, Sharper Vision P.A., SHI International, Shoprite, Sight Partners Physicians, P.C., Sophos Firewall, Southwest Health Center, St Joseph Heritage Health, Stanford University, Stokes Regional Eye Centers, TB Kawashima, The People Concern, The Vicksburg Clinic, LLC, Tosoh America, Inc., UK Army’s Twitter & YouTube, UNC Lenoir Health Care, University of Pisa, University Pediatric Dentistry, US Bank, Walmart, WellDyneRx, LLC, Wiltshire Farm Foods, Yodel, Yuma Regional Medical Center, and Zimbra reportedly been hacked or compromised this month.

Some vendors, like CafePress, simply don’t care about security – and do their best to conceal when they’re hacked. I contacted them to report when they were hacked back in 2014 and they ignored me. Sigh.

Microsoft 365, Cloudflare, Microsoft Teams, Rogers (it was a big one), and Microsoft Office / OneDrive had widespread outages.

Facebook is collecting the patient data of millions, and is also blocking the link to the Facebook settlement class action website. You think they would have learned.

Attackers are using Google Chrome Extension fingerprinting to uniquely identify you. This method works in any Chromium browser.

Spam is still the #1 method of exploiting users. Whether it is a fake renewal notice, fake copyright complaints, or fake invoice, most spams will include a fake login form or a fake support number. In both cases they depend on the user to actually enter the login details or call the scammer to fall prey to their attacks. Online development environments are even being used for these attacks.

Counterfeit hardware can be far more dangerous than the real thing. Even though some vendors only support their hardware a few years before you have to replace it, counterfeits are never supported and often have malicious implants.

Microsoft has rolled back (temporarily) their decision to block macros by default.

MITRE staff didn’t understand that publishing vulnerable sites, not just vulnerability information was bad, while a HackerOne employee was selling exploits before they were published, and an Amazon employee installed cryptominers on Capital One servers. Adobe is using malware traits to block antivirus software from scanning PDF files. How quickly these organizations can shatter their trust.

Here’s a great example of how a single vulnerability will be used to get far deeper into your network and hardware.

Storing your password directly in the browser is dangerous. Use a password manager.

Now for the good news:

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is huge this month. The typical computer should see roughly 3 GB in updates today. Let’s get started.

Microsoft released updates to address 74 vulnerabilities in Azure Site Recovery, Azure Storage Library, DNS Server, Microsoft Defender for Endpoint, Microsoft Edge, Microsoft Graphics Component, Microsoft Lync, Microsoft Office, Open Source Software, Skype for Business, Windows Active Directory, Windows Advanced Local Procedure Call, Windows BitLocker, Windows Boot Manager, Windows Client/Server Runtime Subsystem, Windows Connected Devices Platform Service, Windows Credential Guard, Windows Fast FAT Driver, Windows Fax and Scan Service, Windows Fax Service, Windows Group Policy, Windows Hyper-V, Windows IIS, Windows Kernel, Windows Media, Windows Network File System, Windows Performance Counters, Windows Point-to-Point Tunneling Protocol, Windows Portable Device Enumerator Service, Windows Print Spooler Components, Windows Remote Procedure Call Runtime, Windows Security Account Manager, Windows Server Service, Windows Shell, Windows Storage, XBox, and MSRT (~3 GB). This includes security updates. A reboot is required.

Google Chrome OS 103.0.5060.114 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

The now-current release of the Windows 11 (v21H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is still very young so I encourage you to wait a few more months before you consider switching to it.

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 22.6.1 adds support for newer hardware. This is not a security update.
https://www.amd.com/en/support

Crucial Storage Executive 7.12 doesn’t provide a changelog so should be treated as a security update.
https://www.crucial.com/support/storage-executive

Display Driver Uninstaller 18.0.5.2 improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Intel Driver and Support Assistant 22.4.26 improves user interface. This is not a security update.
https://www.intel.com/p/en_US/support/detect

Samsung DeX 2.4.0.29 doesn’t provide a changelog so should be treated as a security update.
https://www.samsung.com/us/apps/dex/

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.41.96 is a security update.
https://brave.com/

SeaMonkey 2.53.13 is a security update.
https://www.seamonkey-project.org/

Google Chrome 103.0.5060.114 is a security update.
https://www.google.com/chrome/

Microsoft Edge 103.0.1264.51 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Firefox 102.0.1 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 91.11.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Vivaldi 5.3.2679.68 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

OutlookAttachView 3.45 adds a command-line option to control columns in exports. This is not a security update.
https://www.nirsoft.net/utils/outlook_attachment.html

Thunderbird 102.0.2 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

curl 7.84.0 resolves over a hundred bugs. This is a security update.
https://curl.haxx.se/windows/

Dropbox 152.4.4880 resolves several bugs. This is not a security update.
https://www.dropbox.com/

Facebook Messenger 153.0.0.19.110 is a security update.
https://www.messenger.com/download

FreeFileSync 11.22 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 60.0 resolves several bugs. This is not a security update.
https://drive.google.com/start

Nextcloud Server 24.0.2 updates libraries, and resolves over 50 bugs. This is a security update.
https://nextcloud.com/

Npcap 1.70 resolves several bugs. This is not a security update.
https://nmap.org/npcap/

Rclone 1.59.0 adds support for new backends, metadata framework, resolves several bugs, and updates libraries. This is not a security update.
https://rclone.org/

Signal 5.49.0 doesn’t provide a detailed changelog so should be treated as a security update.
https://signal.org/download/windows/

Skype 8.85.0.409 improves their propaganda tools and resolves several bugs. This is not a security update.
https://www.skype.com/

Syncthing 1.20.3 resolves several bugs. This is not a security update.
https://syncthing.net/

Technitium DNS Server 8.1.4 resolves several bugs. This is not a security update.
https://technitium.com/dns/

Telegram 4.0.2 resolves several bugs. This is not a security update.
https://telegram.org/

WinSCP 5.21.2 is a security update.
https://winscp.net/eng/index.php

Zoom 5.11.1.6602 resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 3.0.2 updates libraries and resolves several bugs. This is not a security update.
https://en.3tene.com/

darktable 4.0.0 is a major update. This version improves color space, exposure, contrast controls and hundreds of other features, as well as resolving over 100 issues. This should be treated as a security update.
https://www.darktable.org/

Picard 2.8.2 resolves several bugs. This is not a security update.
https://picard.musicbrainz.org/

Plex Desktop 1.48.2.3124 adds option to disable some Discover features, resolves several bugs with Search and Watchlist. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.20.2.3110 resolves a stability bug. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.27.2.5929 improves logging, adds support for Musicbrainz tags, and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Epic Games 14.1.2 resolves several bugs. This is not a security update.
https://www.epicgames.com/

GameMaker Studio 2022.6.0.23 adds Feather support, room editor filters, additional extension features, and resolves dozens of bugs. This is not a security update.
https://www.yoyogames.com/en/gamemaker

Lego Studio 2.22.6.1 resolves several bugs. This is not a security update.
https://www.lego.com/en-us/ldd

PlayStation PS5 22.01-05.50.00 resolves several bugs and improves performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

PlayStation PS4 9.60 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps4/system-software/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe RoboHelp RH2020.0.8 is a security update.
https://www.adobe.com/support/robohelp/downloads.html

Adobe Acrobat and Reader 22.001.20169, 20.005.30362, and 17.012.30249 are security updates.
https://helpx.adobe.com/security/products/acrobat/apsb22-32.html

Adobe Character Animator 22.5 is a security update.
https://www.adobe.com/creativecloud/catalog/desktop.html

Adobe Photoshop 22.5.8 and 23.4.1 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb22-35.html

Artweaver 7.0.13 resolves several bugs. This is not a security update.
https://www.artweaver.de/

Calibre 6.0 is a major update. This version adds full text search, new hardware support and performance improvements, a new URL scheme, and read-aloud support. It also removed 32-bit support. This is not a security update.
https://calibre-ebook.com/

Gimp 2.10.32 adds HiDPI, high bit-depth and multi-threading support, dark theme, improved color control, masking, and warp. This is not a security update.
https://www.gimp.org/

Kindle for PC 1.37.65274 doesn’t provide a changelog so should be treated as a security update.
https://www.amazon.com/kindleforpc

Nextcloud Desktop 3.5.2 resolves over a dozen bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 8.4.3 adds option to limit search results to one line per file, adds EOL customization, adds new document shortcuts, and resolves several bugs. This is not a security update.
https://notepad-plus-plus.org/

Security Software Updates

One or more of these is likely to be of interest to most people.

Intel CSMEVDT 7.0.2.0 resolves a documentation error. This is not a security update.
https://www.intel.com/content/www/us/en/download/19392/28632/intel-converged-security-and-management-engine-version-detection-tool-intel-csmevdt.html

FSS 2022.6.14 doesn’t provide a changelog so should be treated as a security update.
https://www.bleepingcomputer.com/download/farbar-service-scanner/dl/62/

Gpg4win 4.0.3 is a security update.
https://www.gpg4win.org/download.html

HTTP Toolkit 1.9.0 improves issue tracking and feedback. This is not a security update.
https://httptoolkit.tech/

MalwareBytes Anti-Malware 4.5.10.200 is a security update.
https://www.malwarebytes.org/antimalware/

OpenSSL (SLP) 3.0.5 is a security update.
https://slproweb.com/products/Win32OpenSSL.html

OpenSSL 1.1.1q is a security update.
https://www.openssl.org/source/

ProtonVPN 2.0.3 resolves several bugs. This is not a security update.
https://protonvpn.com/download

ProtonVPN (macOS) 3.0.1 resolves several bugs. This is not a security update.
https://protonvpn.com/download

SanDisk PrivateAccess 6.3.10 does not provide a changelog so should be considered a security update.
https://kb.sandisk.com/app/answersweb/detailweb/a_id/21996

Tails 5.2 is a security update.
https://tails.boum.org/install/dvd/index.en.html

YARA 4.2.2 is a security update.
https://github.com/VirusTotal/yara/

Capture Updates

These are unlikely to be of interest to most people.

SnagIt 22.1.0 adds several new features, improves performance, and resolves several bugs. This is not a security update.
https://download.techsmith.com/snagit/releases/snagit.msi

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 12.0.7.8 adds support for new encodings and resolves several stability bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

iMazing HEIC Converter 2.0.0 doesn’t provide a changelog so should be considered a security update.
https://imazing.com/heic

IsoBuster 5.0 is a major update that adds a 64-bit version, high-DPI scaling, themes, improved media support and resolves several bugs. This is not a security update.
https://www.isobuster.com/download.php

MakeMKV 1.17.0 improves reliability, adds support for new encodings, and resolves several bugs. This is not a security update.
https://www.makemkv.com/download/

Education updates

One or more of these are likely to be of interest to most people.

Zotero 6.0.9 adds PDF rotation and resolves several bugs. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password for Windows 8.7.3 is a major update adding several new cosmetic and integration improvements, and search and filter options. This is a security update.
https://1password.com/downloads/windows/

1Password for Mac 8.7.3 is a major update adding several new cosmetic and integration improvements, and search and filter options. This is a security update.
https://1password.com/downloads/mac/

7-Zip 22.00 adds support for APFS, pax, adds zone.id, and resolves several bugs. This is not a security update.
https://www.7-zip.org/

8GadgetPack 35.0 improves compatibility, adds keyboard shortcuts, and resolves several bugs. This is not a security update.
https://8gadgetpack.net/

Agent Ransack 2022.3335 adds new columns, improves view state restoration, and resolves several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

CCleaner 6.01.9825 adds support for new apps and resolves several bugs. This is not a security update.
https://www.ccleaner.com/

Dell OS Recovery Tool 2.3.7012.0 doesn’t provide a changelog so should be treated as a security update.
https://www.dell.com/support/home/uk/en/ukbsdt1/drivers/osiso/recoverytool

DesktopOK 9.97 expands toolset. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 3.0.84.0 adds personalization, search statistics, Excel row numbers, and resolves several bugs. This is not a security update.
https://dngrep.github.io/

dupeGuru 4.3.1 resolves a false duplication detection bug. This should be treated as a security update if you use dupeGuru to remove duplicate files.
https://dupeguru.voltaicideas.net/

FileLocator Pro 2022.3335 adds new columns, improves view state restoration, and resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

Git SCM 2.37.0 resolves several bugs and improves CLI support. This is a security update.
https://git-scm.com/

GoodSync 11.11.5 resolves dozens of bugs. This is a security update.
https://www.goodsync.com/

Intel CPU Diagnostic 4.1.7.39 adds tests for newer hardware, resolves several bugs, and updates components. This is not a security update.
https://www.intel.com/content/www/us/en/download/15951/intel-processor-diagnostic-tool.html

IsMyHdOK 3.66 improves compatibility and SSD/SSHD detection. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

NTLite 2.3.6.8804 resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

PointerStick 5.88 improves support for virtual desktops and multiple screens. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

PowerToys 0.60.0 resolves several bugs and improves compatibility. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

RoboForm 9.3.3 adds (and resolves bugs within) OTP feature, improves search, and resolves several bugs. This is not a security update.
https://www.roboform.com/

Rufus 3.19 adds an option for setup customization, updates drivers, and resolves several bugs. This is not a security update.
https://rufus.ie/en_US/

SearchMyFiles 3.20 adds filename length filter. This is not a security update.
https://www.nirsoft.net/utils/search_my_files.html

Synergy 1.14.5 resolves several bugs. This is not a security update.
https://symless.com/synergy/

TeamViewer 15.31.5 improves video experience and adds remote terminal to the Computers & Contacts list. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

Unity 2022.1.8 updates libraries and resolves dozens of bugs. This is not a security update.
https://unity3d.com/get-unity/download/archive

WhyNotWin11 2.5.0.1 resovles several bugs. This is not a security update.
https://github.com/rcmaehl/WhyNotWin11

WifiInfoView 2.77 improves high-DPI support. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html

ZoomText 2022.2206.7.400 adds languages and resolves several bugs. This is not a security update.
https://support.freedomscientific.com/Downloads/ZoomText

Developer Updates

These are unlikely to be of interest to most people.

GitHub Desktop 3.0.3 resolves several bugs. This is not a security update.
https://desktop.github.com/

Node.js 18.5.0 is a security update.
https://nodejs.org/en/

Node.js 16.16.0 is a security update.
https://nodejs.org/en/

Node.js 14.20.0 is a security update.
https://nodejs.org/en/

Rustup 1.25.0 adds support for arm64, improved integration and resolves several bugs. This is not a security update.
https://www.rust-lang.org/

Redemption 6.2.0.6122 resolves several bugs. This is not a security update.
https://www.dimastr.com/redemption/

SQLite 3.39.0 adds support for right and full outer join, distinct from, and resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.69.1 adds 3-way merge, improved command center UI for search, DND mode, and resolves several bugs. This is a security update.
https://code.visualstudio.com/

Web Package Updates

These are likely to be of interest only to web developers.

Drupal 9.3.18 is a security update.
https://drupal.org/download

Drupal 9.4.0 is a security update.
https://drupal.org/download

HumHub 1.11.4 is a security update.
https://www.humhub.com/en/download

Joomla 4.1.5 resolves several bugs. This is the last of the 4.1 series. This is not a security update.
https://www.joomla.org/

jQuery 3.6.0
https://code.jquery.com/

MailEnable 10.40 updates libraries and resolves over a dozen bugs. This is a security update.
https://www.mailenable.com/

Piwigo 12.3.0 resolves several bugs. This is not a security update.
https://piwigo.org/

WordPress 6.0.1 resolves over two dozen bugs. This is not a security update.
https://wordpress.org/

Akismet 4.2.5 resolves a bug. This is not a security update.
https://wordpress.org/extend/plugins/akismet/

Antispam Bee 2.11.1 cleans up code. This is not a security update.
https://wordpress.org/extend/plugins/antispam-bee/

Contact Form 7 5.6 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Duplicator 1.4.7 improves compatibility. This is not a security update.
https://wordpress.org/plugins/duplicator/#developers

Interactive World Map 3.2.0 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/interactive-world-map/

Postie 1.9.61 resolves a MIME warning. This is not a security update.
https://wordpress.org/extend/plugins/postie/

NextScripts Social Networks Auto-Poster 4.3.26 is a security update.
https://wordpress.org/extend/plugins/social-networks-auto-poster-facebook-twitter-g/

Slider Revolution 6.5.25 resolves a dozen bugs. This is not a security update.
https://revolution.themepunch.com/

Sucuri Security 1.8.32 is a critical security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

W3 Total Cache 2.2.3 is a security update.
https://wordpress.org/extend/plugins/w3-total-cache/

WooCommerce 6.6.1 resolves dozens of bugs. This is a security update.
https://wordpress.org/extend/plugins/woocommerce/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/